Latest Activity

Karaf Tutorial Part 4 - CXF Services in OSGi
3 weeks ago

By Christian Schneider

Blog post edited by Christian Schneider

Shows how to publish and use a simple REST and SOAP service in karaf using cxf and blueprint.

To run the example you need to install the http feature of karaf. The default http port is 8080 and can be configured using the
config admin pid "org.ops4j.pax.web". You also need to install the cxf feature. The base url of the cxf ...


Continue reading →

Apache Karaf Tutorial Part 6 - Database Access
1 month ago

By Christian Schneider

Blog post edited by Christian Schneider

Shows how to access databases from OSGi applications running in Karaf and how to abstract from the DB product by installing DataSources as OSGi services. Some new Karaf shell commands can be used to work with the database from the command line. Finally JDBC and JPA examples show how to use such a DataSource from user code.Prerequisites

...


Continue reading →

(Slightly) Faster WS-Security using MTOM in Apache CXF 3.1.2
1 month ago

By Colm O hEigeartaigh
A recent issue was reported at Apache CXF to do with the inability to process certain WS-Security requests that were generated by Metro or .NET when MTOM was enabled. In this case, Metro and .NET avoid BASE-64 encoding bytes and inserting them directly into the message (e.g. for BinarySecurityTokens or the CipherValue data associated with EncryptedData or EncryptedKey Elements). Instead the raw bytes are stored in a message attachment, and referred ...
Continue reading →

Apache CXF Fediz 1.2.0 tutorial - part IV
1 month ago

By Colm O hEigeartaigh
This is the fourth in a series of blog posts on the new features and changes in Apache CXF Fediz 1.2.0. The last two articles focused on how clients can authenticate to the IdP in Fediz 1.2.0 using Kerberos and TLS client authentication. In this post we will divert our attention from the IdP for the time being, and look at a new container-independent Relying Party (RP) plugin available in Fediz 1.2.0 based on Apache CXF.

1) RP plugins in Fediz

Apache ...
Continue reading →

Apache CXF Fediz 1.2.0 tutorial - part III
1 month ago

By Colm O hEigeartaigh
This is the third in a series of blog posts on the new features and changes in Apache CXF Fediz 1.2.0. The previous blog entry described how different client authentication mechanisms are supported in the IdP, and how to configure client authentication via an X.509 certificate, a new feature in Fediz 1.2.0. Another new authentication mechanism in Fediz 1.2.0 is the ability to authenticate to the IdP using Kerberos, which we will cover in this ...
Continue reading →

Securing Apache CXF with Apache Camel
1 month ago

By Colm O hEigeartaigh
The previous post I wrote about how to integrate Apache CXF with Apache Camel. The basic test scenario involved using an Apache CXF proxy service to authenticate clients, and Apache Camel to route the authenticated requests to a backend service, which had different security requirements to the proxy. In this post, we will look at a slightly different scenario, where the duty of authenticating the clients shifts from the proxy service to Apache Camel ...
Continue reading →

Integrating Apache CXF with Apache Camel
1 month ago

By Colm O hEigeartaigh
Apache Camel provides support for integrating Apache CXF endpoints via the camel-cxf component. A common example of the benefits of using Apache Camel with webservices is when a proxy service is required to translate some client request into a format that is capable of being processed by some backend service. Apache Camel ships with an example where a backend service consumes SOAP over JMS, and a proxy service translates a SOAP over HTTP client ...
Continue reading →

Karaf Tutorial Part 1 - Installation and First application
1 month ago

By Christian Schneider

Blog post edited by Christian Schneider

Getting StartedWith this post I am beginning a series of posts about Apache Karaf. So what is Karaf and why should you be interested in it? Karaf is an OSGi container based on Equinox or Felix. The main difference to these fine containers is that it brings excellent management features with it.

Outstanding features of Karaf:

  • Extensible ...

Continue reading →

Using SSH/SCP/SFTP with Apache Camel
1 month ago

By Colm O hEigeartaigh
Apache Camel contains a number of components to make it easy to work with SSH/SCP/SFTP. I've created a new camel-ssh testcase in github to illustrate how to use these various components, continuing on from previous posts describing the security capabilities of Apache Camel:
  • SSHTest: This test-case shows how to use the Apache Camel SSH component. The test fires up an Apache MINA SSHD server, which has been configured to allow authenticated users to ...

Continue reading →

Messieurs les contrôleurs de la SNCF vous faites un beau métier
2 months ago

By Olivier Lamy
Pour nos vacances en France, nous avons choisi de passer une semaine en Bretagne (cela tombe à point c'est la canicule à Paris).
En fait non, il n'y a rien d'improvisé et les billets ont été réservés et PAYES il y a près de deux mois par internet (ce point est important dans la suite du post).
Le train part donc de Paris Montparnasse à 10:04 ce mardi 30 Juin 2015. Depuis le début de nos vacances, nous avions prévu de rendre notre voiture ...
Continue reading →

An STS JAAS LoginModule for Apache CXF
2 months ago

By Colm O hEigeartaigh
Last year I blogged about how to use JAAS with Apache CXF, and the different LoginModules that were available. Recently, I wrote another article about using a JDBC LoginModule with CXF. This article will cover a relatively new JAAS LoginModule  added to CXF for the 3.0.3 release. It allows a service to dispatch a Username and Password to a STS (Security Token Service) instance for authentication via the WS-Trust protocol, and also to retrieve ...
Continue reading →

Apache Karaf Tutorial part 10 - Declarative services
2 months ago

By Christian Schneider

Blog post edited by Christian Schneider

This tutorial shows how to use Declarative Services together with the new Aries JPA 2.0.

You can find the full source code on github Karaf-Tutorial/tasklist-ds

Declarative Services

Declarative Services (DS) is the biggest contender to blueprint. It is a slim service injection framework that is completely focused on OSGi. DS allows you to ...


Continue reading →

Apache Karaf Tutorial Part 8 - Distributed OSGi
2 months ago

By Christian Schneider

Blog post edited by Christian Schneider - "Updated to karaf 3.0.3 and cxf dosgi 1.6.0"

By default OSGi services are only visible and accessible in the OSGi container where they are published. Distributed OSGi allows to define services in one container and use them in some other (even over machine boundaries).

For this tutorial we use the DOSGi sub project of CXF which ...


Continue reading →

A new Crypto implementation in Apache WSS4J
2 months ago

By Colm O hEigeartaigh
Apache WSS4J uses the Crypto interface to get keys and certificates for asymmetric encryption/decryption and signature creation/verification. In addition, it also takes care of verifying trust in an X.509 certificate used to sign some portion of the message. WSS4J currently ships with three Crypto implementations:
  • Merlin: The standard implementation, based around two JDK keystores for key/cert retrieval, and trust verification.
  • CertificateStore: Holds ...

Continue reading →

Using AWS KMS with Apache CXF to secure passwords
2 months ago

By Colm O hEigeartaigh
The previous tutorial showed how the AWS Key Management Service (KMS) can be used to generate symmetric encryption keys that can be used with WS-Security to encrypt and decrypt a service request using Apache CXF. It is also possible to use the KMS to secure keystore passwords for asymmetric encryption and signature, that are typically stored in properties files when using WS-Security with Apache CXF.

1) Encrypting passwords in a Crypto properties file

...
Continue reading →

Integrating AWS Key Management Service with Apache CXF
2 months ago

By Colm O hEigeartaigh
Apache CXF supports a wide range of standards designed to help you secure a web service request, from WS-Security for SOAP requests, to XML Security and JWS/JWE for XML/JSON REST requests. All of these standards provide for using symmetric keys to encrypt requests, and then using a master key (typically a public key associated with an X.509 certificate) to encrypt the symmetric key, embedding this information somewhere in the request. The usual ...
Continue reading →

Using a JDBC JAAS LoginModule with Apache CXF
2 months ago

By Colm O hEigeartaigh
Last year I wrote a blog entry giving an overview of the different ways that you can use JAAS with Apache CXF for authenticating and authorizing web service calls. I also covered some different login modules and linked to samples for authenticating a Username + Password to LDAP, as well as Kerberos Tokens to a KDC. This article covers how to use JAAS with Apache CXF to authenticate a Username + Password to a database via JDBC.

The test-case is ...
Continue reading →

Apache CXF Fediz 1.2.0 tutorial - part II
2 months ago

By Colm O hEigeartaigh
This is the second in a series of blog posts on the new features and changes in Apache CXF Fediz 1.2.0. The previous blog entry gave instructions about how to deploy the Fediz IdP and a sample service application in Apache Tomcat. This article describes how different client authentication methods are supported in the IdP, and how they can be selected by the service via the "wauth" parameter. Then we will extend the previous tutorial by showing how to ...
Continue reading →

Apache CXF Fediz 1.2.0 tutorial - part I
2 months ago

By Colm O hEigeartaigh
The previous blog entry gave an overview of the new features in Apache CXF Fediz 1.2.0. This post first focuses on setting up and running the IdP (Identity Provider) and the sample simpleWebapp in Apache Tomcat.

1) Deploying the 1.2.0 Fediz IdP in Apache Tomcat

Download Fediz 1.2.0 and extract it to a new directory (${fediz.home}). We will use a Apache Tomcat 7 container to host the Idp. To deploy the IdP to Tomcat:
  • Create a new directory: ...

Continue reading →

Enterprise ready request logging with CXF 3.1.0 and elastic search
2 months ago

By Christian Schneider

Blog post added by Christian Schneider

You may already know the CXF LoggingFeature. You used it like this:

Old CXF LoggingFeature <jaxws:endpoint ...> <jaxws:features> <bean class="org.apache.cxf.ext.logging.LoggingFeature"/> </jaxws:features> </jaxws:endpoint>

It allowed to add logging to a CXF endpoint at ...


Continue reading →
More Articles (+10)

Pages

Subscribe to Talend Community Coders aggregator